1 Reply Latest reply on Feb 29, 2004 9:10 AM by starksm64

jaas JaasSecurityManager cache

yangju Feb 23, 2004 11:40 AM

I wonder in 3.2.x, how JaasSecurityManager cache works? Is every request from the client checked against the cache? I found out that if I make the second call immediately after the first call (I enable the session management through settting SimpleSessionHandler. Thus the two calls have the same sessionID). In this case, the second call passed even I did not provided user credentials. I checked the log, I found that credentials were not checked against the cache. Is this because that the two calls have the same sessionID?

Also, how do I set session timeout? I know the default value is 60 seconds. Do I set from client side or server side?

Thanks.

RY

1. Re: jaas JaasSecurityManager cache

starksm64 Feb 29, 2004 9:10 AM (in response to yangju)

How is the SimpleSessionHandler being set?
Actions